Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Launcher.exe
-
Size
81.7MB
-
Sample
240308-ldsftacd9x
-
MD5
d4f685deb88b48dc0e55703f7ab56d82
-
SHA1
4db0f7c4a2c299eeeecb258c14d13c8c0714206a
-
SHA256
98faaafd3b450d836415eff09da56591fe31c54b4a668498416537262f2cd4c6
-
SHA512
e5794ca50a3336f4a0cd0f135fd78900dc6104c5e83791e15bc4887bd3b3ae3f6eb991fcb1261fcb6a15a539724f2b6b7ec4a8535a3a885be721a27413de8b36
-
SSDEEP
1572864:V/WHHr9qNUFkOVYIIu+eTt1Thl1RJzve1FizRreIQeLcsbI+No77:V/8L9qKiOYu+yzThlFzW1FizAIBQcNM7
Malware Config
Targets
-
-
Target
Launcher.exe
-
Size
81.7MB
-
MD5
d4f685deb88b48dc0e55703f7ab56d82
-
SHA1
4db0f7c4a2c299eeeecb258c14d13c8c0714206a
-
SHA256
98faaafd3b450d836415eff09da56591fe31c54b4a668498416537262f2cd4c6
-
SHA512
e5794ca50a3336f4a0cd0f135fd78900dc6104c5e83791e15bc4887bd3b3ae3f6eb991fcb1261fcb6a15a539724f2b6b7ec4a8535a3a885be721a27413de8b36
-
SSDEEP
1572864:V/WHHr9qNUFkOVYIIu+eTt1Thl1RJzve1FizRreIQeLcsbI+No77:V/8L9qKiOYu+yzThlFzW1FizAIBQcNM7
Score8/10-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-